wiki:ipv6v6config

Version 18 (modified by admin, 8 years ago) ( diff )

--

Device Configuration (Dual Stack/IPv6)

As our network is working well in IPv4 mode lets enable dual stack. This is very easy as its only configuring the interface IP addresses and IPv6 routing.

https://ws.learn.ac.lk/raw-attachment/wiki/ipv6v6config/IPv6.jpg

You can refer the following table for assign Interface IPv6 addresses. In the following IPv6 addresses replace the PQRT segment with the IPv6 block assign to you. You can find your IP block from here.

VLAN

VLAN Name

Device Name

VLAN Interface IPnsrc dynagen recovery

2

Core

CampusCore

2401:dd00:PQRT:2::FFFF/64

FacACore

2401:dd00:PQRT:2::A/64

FacBCore

2401:dd00:PQRT:2::B/64

10

Dept1

FacACore

2401:dd00:PQRT:A110::FFFF/64

Dept1PC

no interface IP

20

Dept2

FacBCore

2401:dd00:PQRT:B220::FFFF/64

Dept2PC

no interface IP

255

Router Connection/Public IP

CampusCore

2401:dd00:PQRT::FFFE/64

Initial Configurations

As we have done most of our configurations before setting up IPv4, Only configuration left is adding IPv6 DNS. Use the following command in all Core Devices and the Router (No need to add this in Dept1Sw & Dept2Sw)

ip name-server 2401:DD00:1::161

Core Network Layer

First Configure the CampusCore with IPv6 addresses and then move in to FacACore and FacBCore.

CampusCore

  • Login to CampusCore device. Give your console port password (class password)
  • Go to config mode from user mode. Give your enable password (class password)
  • Assign the IPv6 Address to the VLAN interface
    CampusCore(config)#interface vlan 2
    CampusCore(config-if)# ipv6 address 2401:dd00:PQRT:2::FFFF/64 
    CampusCore(config-if)# exit
    CampusCore(config)#interface vlan 255
    CampusCore(config-if)# ipv6 address 2401:dd00:PQRT::FFFE/64 
    CampusCore(config-if)# exit
    
  • Next we have to configure unicast routing in the Switch
    CampusCore(config)#ipv6 unicast-routing
    
  • Make sure you save the configurations to start-up

Then we will configure FacACore with it's IPv6 Addresses

FacACore

  • Login to FacACore device. Give your console port password (class password)
  • Go to config mode from user mode. Give your enable password (class password)
  • Assign the IP Address to the VLAN interface and enable unicast routing
    FacACore(config)#interface vlan 2
    FacACore(config-if)#ipv6 address 2401:dd00:PQRT:2::A/64
    FacACore(config-if)#exit
    FacACore(config)#interface vlan 10
    FacACore(config-if)#ipv6 address 2401:dd00:PQRT:A110::FFFF/64
    FacACore(config-if)#exit 
    FacACore(config)#ipv6 unicast-routing
    FacACore(config)#exit
    FacACore#write
    

FacBCore

  • Repeat same to configure FacBCore
    FacBCore(config)#interface vlan 2
    FacBCore(config-if)#ipv6 address 2401:dd00:PQRT:2::B/64
    FacBCore(config-if)#exit
    FacBCore(config)#interface vlan 20
    FacBCore(config-if)#ipv6 address 2401:dd00:PQRT:B220::FFFF/64
    FacBCore(config-if)#exit 
    FacBCore(config)#ipv6 unicast-routing
    FacBCore(config)#exit
    FacBCore#write
    
  • Finally Verify the connectivity
    • Go to FacACore device
    • Go to privileged mode and ping CampusCore and FacBCore
      ping 2401:dd00:PQRT:2::FFFF
      ping 2401:dd00:PQRT:2::B
      
  • You should get a positive reply with "!!"

PC Auto Configuration

Log in to your Dept1PC and check its IP address by issuing ifconfig in console. You may notice that there is a new IPv6 address auto configured with the VLAN 10 prefix.

  • Try ping IPv6 gateway
    ping6 2401:dd00:PQRT:A110::FFFF
    
  • you will get a positive result

Check the same with Dept2PC. But now it should show an address from VLAN 20 prefix. Check connectivity by ping6 VLAN20 interface ipv6 address.

Connecting LAN to the Router

Now you have done LAN interface configuration. Let's start routers Configuration.

  • Login to BorderRt Router and switch to config mode
  • Router's IP allocation is as follows. You can get your Router's IP address from here.
Interface Name IP Address
Fast Ethernet 0/0 2401:dd00:PQRT::FFFF/64
Fast Ethernet 0/1 <Your Routers WAN IPv6>
  • Let's configure the LAN port (fa 0/0)
    BorderRt(config)#interface fastEthernet 0/0
    BorderRt(config-if)#ipv6 address 2401:dd00:PQRT::FFFE/64
    BorderRt(config-if)#exit
    
  • Configure the WAN port (fa 0/1)
    BorderRt(config)#interface fastEthernet 0/1
    BorderRt(config-if)#ipv6 address 2401:dd00:6::XXXX/64
    BorderRt(config-if)#exit
    BorderRt(config)#ipv6 unicast-routing
    BorderRt(config)#exit
    BorderRt#write
    
  • You have successfully finished connecting CampusCore to the BorderRt router. Let's verify the connectivity using the ping command
  • Go to BorderRt and ping to CampusCore switch's VLAN 255 Interface IP
    ping 2401:dd00:PQRT::FFFF
    
  • Now Check the routers connectivity in WAN port. Ping to the WAN Gateway
    ping 2401:DD00:1:128::FFFF
    
    • Both these ping commands should give you a reply 

Routing

In this Lab we will enable OSPF for IPv6 in all the core switches and we will add default routes in !Campuscore and the router.

  • Now let's enable OSPF on Core devices. Starting from CampusCore
    • Login to CampusCore? switch and switch to config mode
    • Define OSPF process and Process ID. In this lab use process ID as 1
      CampusCore(config)#ipv6 router ospf 1
      
    • Give the router ID, this will be the same as ipv4 ospf router ID for simplicity
      CampusCore(config-rtr)#router-id 10.0.2.1
      
    • You are going to announce the subnets which are directly connects to you. Use this command for that
      CampusCore(config-rtr)#redistribute connected
      
    • You are enabling OSPF on VLAN 2. Use this command for that.
      CampusCore(config)#interface vlan 2
      CampusCore(config-if)# ipv6 ospf 1 area 2
      CampusCore(config-if)# exit
      
    • Now you have enable OSPF on CampusCore Switch. Now lets add the default Route.
      CampusCore(config)# ipv6 route ::/0 2401:dd00:PQRT::FFFF
      
  • Follow the same steps in FacACore and FacBCore

FacACore

FacACore(config)#ipv6 router ospf 1
FacACore(config-rtr)#router-id 10.0.2.2
FacACore(config-rtr)#redistribute connected
FacACore(config-rtr)#exit
FacACore(config)#interface vlan 2
FacACore(config-if)# ipv6 ospf 1 area 2
FacACore(config-if)# exit
FacACore(config)#ipv6 route ::/0 2401:dd00:PQRT:2::FFFF

FacBCore

FacBCore(config)#ipv6 router ospf 1
FacBCore(config-rtr)#router-id 10.0.2.3
FacBCore(config-rtr)#redistribute connected
FacBCore(config-rtr)#exit
FacBCore(config)#interface vlan 2
FacBCore(config-if)# ipv6 ospf 1 area 2
FacBCore(config-if)# exit
FacACore(config)#ipv6 route ::/0 2401:dd00:PQRT:2::FFFF
  • Now you have enable Routing in your Core network. Let's verify whether it is working. 
    • Go to Dept1PC and try a Ping6 to Dept2PC
    • Try a ping to Router's LAN port
      ping6 2401:dd00:PQRT::FFFF
      
    • Both should give you a reply
  • Add the BorderRt Routers default gateway
    • Go to BorderRt and switch to config mode
    • Add the default route
       - BorderRt(config)# ipv6 route ::/0 2401:DD00:1:128::FFFF
      
    • Verify the route by ping a known host from the BorderRt router
      ping 2401:dd00:1::161
      
    • This should give you a reply

Router Configuration

Here we need no NAT to access internet, only dependency is the correct routing details.

  • Login to BorderRt Router and switch to config mode
  • Add a static route in the router so that the traffic coming to our defined network will redirect to CampusCore switch
    BorderRt(config)#ipv6 route 2401:dd00:PQRT::/48 2401:dd00:PQRT::FFFE
    
  • Now try a ping from DeptPC1 to the 2401:dd00:1::161 . It should give reply

Wireshark

Let's capture some packets and do a analysis.

  • Log in to Dept1PC and and start blackbox.
    sudo startx
    
  • Right click on desktop and open xterm terminal
  • type wireshark and press enter
  • On the wireshark interface select the enp0s3 interface and click Capture packets button
  • While you are capturing. Open another xterm terminal. And type midori and press enter.
  • You will get midori browser. Click the arrow head at top right corner to get the menu. In the menu select New Private Browsing Window
  • Browse for www.google.com from the browser.
  • Go back to wireshark and stop capturing
  • Click on Statistics and select Summary
  • You will see high percentage of IPv6 packets
  • Try for some other popular sites

Attachments (1)

Download all attachments as: .zip

Note: See TracWiki for help on using the wiki.